Skip to content

0.27.0
Compare
Choose a tag to compare
@ripienaar ripienaar released this 22 Mar 11:08
· 269 commits to main since this release
v0.27.0
This tag was signed with the committer’s verified signature.
ripienaar R.I.Pienaar
GPG key ID: 02E5780DF1BC6F01
Learn about vigilant mode.
c3ef4b5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Enhhancements

  • Introduce Choria JWT based security and Protocol version 2
  • Choria Message Submit can sign published messages when using Choria Security
  • Enhance the request signing protocol to include signatures made using the private key
  • Introduce the concept of a Organization Issuer and chain of trust JWT tokens for Server and Client issuers
  • Support Hashicorp Vault as storage for the Organization Issuer and the choria jwt command
  • Do not terminate servers on authentication error
  • New Client JWT permissions to indicate a client can access the provisioning account in the broker
  • Allow provisioning over non TLS when holding an Org Issuer signed provisioning JWT
  • Support Choria Provisioner using version 1 Protocol
  • Support full Choria version upgrades during provisioning
  • Add a new RPC Authorization plugin that requires and authorize policies found in client JWTs
  • Create a new dedicated backplane docs site https://choria-io.github.io/go-choria
  • Allow the machines watcher spec signer public key to be set in config
  • Support direct mode for Choria Key-Value Stores to increase scale and throughput
  • Support multi-arch binaries for external agents
  • Support streaming JSON output on choria req to assist non-golang clients to be built quicker
  • Create a tool to monitor JWT token health and contents
  • Add the --governor permission to choria jwt server
  • Include the number of Lifecycle events published in instance stats, data and rpcutil output
  • Record exec watcher events in lifecycle recorder
  • Emit new upgraded events when release upgrading a running server via provisioning
  • Support leader election for tally and label metrics by leader state
  • Support adding headers to Choria Message Submit messages
  • Record the builtin type as plugin in nagios watcher events

Deprecations

  • Remove numerous deprecated configuration settings

Bug Fixes

  • Improve handling defaults in output DDLs for generated clients
  • Improve fact filter parsing to handle functions both left and right of the equation
  • Ensure provisioning tokens have a default non-zero expiry
  • Improve DDL schema validation
  • Improve plugin generate ddl UX
  • Improve handling of governors on slow nodes and during critical failures
  • Fix validation of Autonomous Agents that use timer watchers
  • Allow choria machine run to be used without a valid Choria install
  • Correctly detect paths to ed25519 public keys that are 64 characters long as paths
  • Ensure multiple AAA Login URLs are parsed correctly

Other Changes

  • Extract the tokens package into github.com/choria-io/tokens
  • Add context.Context to the provisioner target resolve Configure() method
  • Export SetBuildBasedOnJWT in default proftarget plugin

New Contributors

Full Changelog: v0.26.2...v0.27.0

Contributors

ploubser
Assets 2
Loading